just a feedback with my wishlist. hope it's useful

[dl9sau]

Just a feedback for 0bin with problems I stumbled over, how I solved, and what I'm missing.
Thank you for that nice software.

Applied patches

• Compatibility fix for lockfile #95
• Add support for more binary file types (audio, video and other binaries) #99
• Replace ZeroClipboard by clipboard.js #89

Recommendation:
chown www-data 0bin/zerobin/content; chmod 700 0bin/zerobin/content

My changes

• expiry
  DURATIONS = {

  •   '1_min': 60,
    

  •   '10_min': 600,
    

  •   '1_hour': 3600,
    

  •   '10_hours': 36000,
     '1_day': 24 \* 3600,
    

  •    '3_days': 3 \* 24 \* 3600,
    

  •    '1_week': 7 \* 24 \* 3600,
     '1_month': 30 \* 24 \* 3600,
     'never': 365 \* 24 \* 3600 \* 100,
    

Problems

• with WSGI, URLs are not relative to the alias ->
  • 0bin/paste becomes /paste
    => needed to add
    WSGIScriptAlias /paste /srv/www/0bin/zerobin/app.wsgi/paste
    WSGIScriptAlias /static /srv/www/0bin/zerobin/app.wsgi/static
  • home (click top left on "0bin.net") becomes / -> leaves 0bin and goes to the webserver root
    -> commented that url out
  • "New paste" button: becomes / -> leaves 0bin and goes to the webserver root
• problems with 0bin/pull/99 (Add support for more binary file types (audio, video and other binaries)):
  • pictures are ok. An audio file I tested did not work. PDF, odt, tar pastes raw (after heavy CPU load by the browser)
  • download button appears twice in a line, the left one has the correct URL for the image file; the right one (which is always present, text or binary) is pointing to / (-> in my config, I leave 0bin and land on my webserver-root) => this original download button does not work.
  • google chrome and safari on (an old) IOS do the download of a picture flawlessly.
  • osx: firefox eats the filename-suffix on download.
  • android: firefox tends to segfault. another browser also eats the filename-suffix. chrome did not work (but this may be a security setting I did)
  • would have contacted author xdarklight but did not found how..

Does not work:

• zerobin/cmd.py -> now using apache2 with WSGIDaemonProcess, WSGIScriptAlias /0bin ...zerobin/app.wsgi
  with zerobin/app.wsgi:
  import os, sys
  ZEROBIN_PARENT_DIR = os.path.dirname(os.path.dirname(file))
  sys.path.insert(0, ZEROBIN_PARENT_DIR)
  from zerobin.routes import get_app

My todo:
make CSP config work, i.E.
Header set Content-Security-Policy "default-src 'none'; script-src 'unsafe-inline'; style-src 'unsafe-inline'; img-src 'self'

Feature request:

• upload all file types (esp. pdf; pdf preview would be nice)
• store data on the server in binary form (saves hd space)
• burn after reading: counter for n times.
• optionaly (user defined on upload) save and show IPv4/IPv6 addresses and timestamps when a file was downloaded (-> transparency, if something suspicious has happened before)
• delete button for being able to remove a paste before expiry

[sametmax]

Than for your feed back. There are a lot of things here, so I think they will be splitted into seperate issues.